Vulnerabilities (CVE)

Filtered by vendor Netgear Subscribe
Total 1054 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-44191 1 Netgear 2 R7000p, R7000p Firmware 2022-11-23 N/A 9.8 CRITICAL
Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameters KEY1 and KEY2.
CVE-2022-44190 1 Netgear 2 R7000p, R7000p Firmware 2022-11-23 N/A 9.8 CRITICAL
Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameter enable_band_steering.
CVE-2022-44188 1 Netgear 2 R7000p, R7000p Firmware 2022-11-23 N/A 9.8 CRITICAL
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter enable_band_steering.
CVE-2022-44187 1 Netgear 2 R7000p, R7000p Firmware 2022-11-23 N/A 9.8 CRITICAL
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via wan_dns1_pri.
CVE-2022-44186 1 Netgear 2 R7000p, R7000p Firmware 2022-11-23 N/A 9.8 CRITICAL
Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter wan_dns1_pri.
CVE-2022-44197 1 Netgear 2 R7000p, R7000p Firmware 2022-11-23 N/A 9.8 CRITICAL
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via parameter openvpn_server_ip.
CVE-2022-44196 1 Netgear 2 R7000p, R7000p Firmware 2022-11-23 N/A 9.8 CRITICAL
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via parameter openvpn_push1.
CVE-2022-44193 1 Netgear 2 R7000p, R7000p Firmware 2022-11-23 N/A 9.8 CRITICAL
Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameters: starthour, startminute , endhour, and endminute.
CVE-2022-44194 1 Netgear 2 R7000p, R7000p Firmware 2022-11-23 N/A 9.8 CRITICAL
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via parameters apmode_dns1_pri and apmode_dns1_sec.
CVE-2022-44184 1 Netgear 2 R7000p, R7000p Firmware 2022-11-23 N/A 9.8 CRITICAL
Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter wan_dns1_sec.
CVE-2022-44199 1 Netgear 2 R7000p, R7000p Firmware 2022-11-23 N/A 9.8 CRITICAL
Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameter openvpn_server_ip.
CVE-2022-44200 1 Netgear 2 R7000p, R7000p Firmware 2022-11-23 N/A 9.8 CRITICAL
Netgear R7000P V1.3.0.8, V1.3.1.64 is vulnerable to Buffer Overflow via parameters: stamode_dns1_pri and stamode_dns1_sec.
CVE-2022-44198 1 Netgear 2 R7000p, R7000p Firmware 2022-11-23 N/A 9.8 CRITICAL
Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameter openvpn_push1.
CVE-2021-34865 1 Netgear 34 Ac2100, Ac2100 Firmware, Ac2400 and 31 more 2022-10-27 8.3 HIGH 8.8 HIGH
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of multiple NETGEAR routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the mini_httpd service, which listens on TCP port 80 by default. The issue results from incorrect string matching logic when accessing protected pages. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-13313.
CVE-2020-28041 1 Netgear 2 Nighthawk R7000, Nighthawk R7000 Firmware 2022-10-19 4.3 MEDIUM 6.5 MEDIUM
The SIP ALG implementation on NETGEAR Nighthawk R7000 1.0.9.64_10.2.64 devices allows remote attackers to communicate with arbitrary TCP and UDP services on a victim's intranet machine, if the victim visits an attacker-controlled web site with a modern browser, aka NAT Slipstreaming. This occurs because the ALG takes action based on an IP packet with an initial REGISTER substring in the TCP data, and the correct intranet IP address in the subsequent Via header, without properly considering that connection progress and fragmentation affect the meaning of the packet data.
CVE-2022-42221 1 Netgear 2 R6220, R6220 Firmware 2022-10-19 N/A 8.8 HIGH
Netgear R6220 v1.1.0.114_1.0.1 suffers from Incorrect Access Control, resulting in a command injection vulnerability.
CVE-2022-37234 1 Netgear 2 R7000, R7000 Firmware 2022-09-27 N/A 7.8 HIGH
Netgear Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router R7000-V1.0.11.134_10.2.119 is vulnerable to Buffer Overflow via the wl binary in firmware. There is a stack overflow vulnerability caused by strncpy.
CVE-2022-37235 1 Netgear 2 R7000, R7000 Firmware 2022-09-24 N/A 9.8 CRITICAL
Netgear Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router R7000-V1.0.11.134_10.2.119 is vulnerable to Buffer Overflow via the wl binary in firmware. There is a stack overflow vulnerability caused by strncat
CVE-2022-31937 1 Netgear 2 Wnr2000v4, Wnr2000v4 Firmware 2022-09-24 N/A 9.8 CRITICAL
Netgear N300 wireless router wnr2000v4-V1.0.0.70 was discovered to contain a stack overflow via strcpy in uhttpd.
CVE-2022-37232 1 Netgear 2 Wnr2000v4, Wnr2000v4 Firmware 2022-09-24 N/A 9.8 CRITICAL
Netgear N300 wireless router wnr2000v4-V1.0.0.70 is vulnerable to Buffer Overflow via uhttpd. There is a stack overflow vulnerability caused by strcpy.